Infovision is looking for talent for a senior soc engineer position in mexico (remote).what you’ll need- experience working in cyber security operationsthorough understanding of the threat landscape, the latest security trends, attack vectors for corporate and cloud environments, and how build detection and response tooling to identify and respond to malicious actorsexperience with building and scaling soar/siem technologiesexperience with incident detection and remediationstrong working knowledge of threat vectors, vulnerabilities, and what anomalies to look forstrong working knowledge of linux and/or windows logs & indicatorsone or more scripting languages to automate or build features, python, or powershell preferred.hands-on experience with incident response and monitoring tools, such as siem, edr, firewall management.excellent communication skills, especially the ability to communicate security risks in “business” rather than purely “engineering”strong understanding of cyber security best practices and frameworks such as nist, mitre, att&ck framework, and owasp top 10what you’ll do- in this role you will work closely with the cyber security organization to build monitoring and response tooling and processes to improve our monitoring and response capabilitieslogging - get all security relevant cloud, infrastructure and application logs parsed, and into our siemdetection - setup detection and prevention rules and policies, poc and deploy tools that help with detection, tune/audit deployed rules/policies in security tools on true and false positives, setting up a detection framework, threat intel framework/program, ato detection program/framework etc.response - build plan and procedures for incident response, create playbooks to be followed, automate response, develop/deploy malware analysis tools and techniques, forensic tools and techniques to capture evidence/malware, poc and deploy tools that help with response, integrate with customer service teams and engineering teams etc.build security alerts & dashboards in various incident response tools. Monitor for suspicious activities/alerts in the cloud/infrastructure/application from various sources such as internal reports from employees as well as external reports such as customers/social media, vendors, partners, bug bounty programs etc., deployed/integrated security tools, data visualization tools etc.analyze these suspicious activities/alerts including malware analysis and forensicsrespond to security alerts and incidents, respond to novel issues and take appropriate action to remediate and resolvewe offer:- benefits above lawcompetitive salaryapply here, or send to me your updated resume right to my email:javier.rivera@infovision.com